Robert Bailey wrote: > > Has anyone run into a situation where you can do a dns lookup from a > tx zone, get to the remote IP's via the IP number, I can even point a > browser at the IP and get the page, but can't ping or connect via the > DNS name? > I checked the obvious /etc/nsswitch.conf, but DNS is in the host line > just after files.
Can you ping the remote system using its IP address? FYI, the labeled zone relies on the global zone for name resolution. There is a single nscd shared by all zones. So it's the global zone that must be properly configured. The IP addresses listed in /etc/resolv.conf should be assigned the admin_low template. This can be done explicitly in tnrhdb, but it is better to do this in the eventhook script, via commands like tnctl -h <dns-server>:admin_low I'd like you to try a few things to help diagnose your problem. In your labeled zone run these commands and post the result: plabel $$ tninfo -h <the dns name of the remote web server> Do you have a web proxy server defined? If so run this tninfo -h <the web proxy server> Do you have an automatic proxy URL, .e.g. proxy.pac? Does it resolve names differently Are you using dhcp? If so, did you follow these directions? http://www.opensolaris.org/os/community/security/projects/tx/tx-laptop-install/ Are you using the eventhook script in the tar file? http://www.opensolaris.org/os/community/security/projects/tx/tx-laptop-install/inetmenu-tx.tar Are you using an all-zones interface?
